Laptops & Airport Security: NYTimes.com, here’s your answer!

The NYTimes.com has a rather lengthy article posted here, asking the old, old question (at least in internet time) of why you have to take the laptop out of its bag and send it in a separate “bin” through security x-ray machines when you’re going through airport security checkpoints.

There’s an easy answer, and we’ve dealt with that here before – maybe the NYTimes columnist – in this case Matt Richtel – should learn how to Google or just shoot us an email. Check our Airport Security FAQ, for example… or just read up on all the other articles we’ve got on the subject. Anyway, since that doesn’t seem to be an option, we’ll take a crack at explaining this tiny piexe of airport security again.

What (o yea, we’ll be using subheadings this time – they’re cool):

If you’re planning to bring a laptop as part of your carry-on when flying, you’ll (in most cases) have to remove it from the bag you have it in, if any, and place it in a separate “bin” before you send it through the x-ray machine. According to the NYTimes, they’ve asked the TSA why this rule exists, only to receive an answer of “confidential information”, which is regular TSA BS (no, not as in Bruce Schneier, but as in BullShit). There are, however, logical reasons for the procedure, and we’ll proceed to explain them now.

How:

How, you say? That’s not part of the question… Oh but it is. You see, when you send your carry on through the machine, it produces an image based on x-ray “backscatter”, sort of (but not quite) like a radar image. I.e. the image is based on how much radiation “comes back” to the sensor array, and the image is then calculated based on those values. If an object is dense enough, then there will be nothing coming back to the sensors, and objects might be obscured.

Also, since different materials will be color coded in the images in order to illustrate to the operator what they are, denser materials will be dominant over less dense, i.e. steel, colored blue/black will dominate (hide) dynamite, for example, being colored orange and less dense. Blue/black plus orange will create a green, which will either blend into the blue or misconstrued as ceramics of some sort. See our page on how to interpret these kinds of x-rays. There are quite a few example images in there.

The issue to be resolved is then how to ensure that a rather large metal mass like a computer doesn’t block items from the image, and how to scan the computer itself in an effective manner.

Why (finally):

The NYTimes article poses the question why iPads, small netbooks etc. do not have to be separately scanned, and why laptops have to be, in the first place.

The answer is simple:

- It’s easy to hide an IED inside a computer. It has nothing to do with jamming tech, etc. It’s just very, very easy to build and conceal a bomb inside a laptop. You’ve already got a power source in there, and programming a timer in the already existing software would be a breeze.

- The amount of metal in a computer is rather high, and will help conceal any foreign objects inside it. Coupled with a bag, perhaps a charger in a side pocket, an extra USB cable or network cable in the bag, things get messy awfully fast.

- Netbooks, iPads or other thin, low metal content “pads” simply do not have the extra space inside to contain anything. Also, they’re thin enough to let the x-rays through, and the operator will be able to see what’s inside.

This isn’t rocket science, but since the TSA insists on concealing simple facts like these from the public, tolerance levels for security measures continue to go down the drain. This is also why we’re here! According to BS (yep, this time we mean the man), this is security theater, but that is, as usual, a faulty presumption on Schneier’s side. The problem is simply that the man has never worked in real, physical security, and has nothing to draw on but his own assumptions. As we all know, assumptions makes ass out of everyone.

X-raying laptops separately is (unlike a lot of other things the TSA decides to do), based on a real threat assessment by actual x-ray operators and supervisors, and was started in the EU and then adopted by the TSA (US), instead of the other way around.